General
Target: f0bc2dd37cdf4f6ae0f3892c4127965067871d7267ea5231a978745aab46da5a
Size: 662KB
Sample: 191025-adcwa7wyes
MD5: a40893fecbfd07c5deb6210b7b6fd6ac
SHA1: 27610a6cb8897999bab6262aea6dc9413388d74d
SHA256: f0bc2dd37cdf4f6ae0f3892c4127965067871d7267ea5231a978745aab46da5a
SHA512: 489ecf84f68ae91c54c341635bafdc2e3cc7754cf9717afc1f3157db8479ac0761b6030a8fcac8d58b7ac6bbd7965f55b5359297b60d08b77451c72a5938f9a5
Task: task1
Sample: f0bc2dd37cdf4f6ae0f3892c4127965067871d7267ea5231a978745aab46da5a.exe
Resource: win7v191014
Task: task2
Sample: f0bc2dd37cdf4f6ae0f3892c4127965067871d7267ea5231a978745aab46da5a.exe
Resource: win10v191014
Malware Config
Targets
Target: f0bc2dd37cdf4f6ae0f3892c4127965067871d7267ea5231a978745aab46da5a
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run entry to start application
Checks system information in the registry (likely anti-VM)
Modifies service
Suspicious use of SetThreadContext